When it comes to computer security, you’re as conscientious as they come.

You keep a state-of-the-art antimalware program up to date on your PC. You know better than to click on links in emails you weren’t expecting. You stay away from suspicious links in social media. And you keep off the traditional playgrounds of the cyberscum, such as porn sites, hacked software repositories and gambling dens.

But you can still find yourself getting hit with viruses and spyware. The bad guys are getting increasingly sophisticated, and sometimes, the bad guys are whole governments.

The discovery of the Stuxnet and Flame malware attacks has dramatically changed the computer security landscape, according to this piece in the MIT Technology Review. Both programs were able to bypass traditional security software, writes Tom Simonite, and wreak havoc.

While some may cheer the purpose behind Stuxnet and Flame, no one is happy that these programs have escaped into the wild and become more widespread than their creators likely hoped. Your PC becomes collateral damage in an escalating, bit-based war.

Of course, the U.S. and Israel are not alone. It’s long been believed that the Chinese government is behind a wave of cyberattacks aimed at businesses and governmental institutions. Google Gmail, for example, was hit by a sophisticated spear phishing campaign last year that targeted U.S. officials, among others.

In all these cases, security software failed to detect or stop the threats. Simonite writes that security experts say it’s now time to change tactics:

Some experts and companies now say it’s time to demote antivirus-style protection. “It’s still an integral part [of malware defense], but it’s not going to be the only thing,” says Nicolas Christin, a researcher at Carnegie Mellon University. “We need to move away from trying to build Maginot lines that look bulletproof but are actually easy to get around.”

Both Christin and several leading security startups are working on new defense strategies to make attacks more difficult, and even enable those who are targeted to fight back.

“The industry has been wrong to focus on the tools of the attackers, the exploits, which are very changeable,” says Dmitri Alperovitch, chief technology officer and cofounder of CrowdStrike, a startup in California founded by veterans of the antivirus industry that has received $26 million in investment funding. “We need to focus on the shooter, not the gun—the tactics, the human parts of the operation, are the least scalable.”

CrowdStrike doesn’t go into detail about just how its offering would work – in fact, none of the companies in Simonite’s piece provide details about how they’d stop such threats, which is a frustrating omission given the topic. But generally, they talk about making it more difficult for the perpetrators to profit from their actions. If you make it more expensive to extract information or cash from victims, it might make this kind of crime less attractive.

Other companies have begun talking in similar terms. “It goes back to that ’80s law enforcement slogan: ‘Crime doesn’t pay,’ ” says Sumit Agarwal, a cofounder of Shape Security, another startup in California that recently came out of stealth mode. The company has $6 million in funding from ex-Google CEO Eric Schmidt, among others. Agarwal’s company is also keeping quiet about its technology, but it aims to raise the cost of a cyber assault relative to the economic payoff, thus making it not worth the trouble to carry out.

One example of making crime less profitable: Shutting down or prosecuting banks and other financial entities that accept payments generated by scam malware.

Still, it remains a cat-and-mouse game, and when the cats are nations, they’re a lot harder to avoid.

Dwight Silverman | Techblogger, social media manager
